Phishing and Spoofing

Phishing is a serious problem that is achieved in a number of different ways. Email spoofing and website spoofing are two of the primary methods by which phishers acquire sensitive information from unsuspecting Internet users.

While email spoofing and website spoofing are sometimes used separately, they are often used in concert with each other. For example, a spoofed email is used to lead a victim to a spoofed website; the spoofed website requests sensitive financial information or login information from the victim. In this way, a successful phishing attempt may be undertaken.

What is Email Spoofing?

Most people know that it’s unwise to download files or click on links that appear in emails from unknown senders. What happens if the sender appears to be legitimate but really isn’t, though? This is precisely what happens in an email spoofing or phishing attack. The hacker sends emails that appear to originate from trustworthy sources. In some cases, they appear to be sent from legitimate companies; in others, they may even appear to come from friends, family members and coworkers. This is exactly how crimes like CEO fraud begin: criminals bank on targeted employees complying with whatever the “CEO” asks without questioning it. In any case, these emails lend the recipient a false sense of security that makes them more likely to open files and click on links. For IT professionals, it's a good idea to run a free KnowBe4 Domain Spoof Test to see if it's possible for hackers to spoof your domain.

Email Spoofing Methods

There are many different ways to mask the true origins of an email. The clever use of subdomains can make emails look like they are arriving from trusted sources. For instance, the name of a company may be added to the term “customer service” to create a seemingly trustworthy domain. Emails that are sent from that domain are more likely to be perceived as trustworthy. In other cases, phishers simply transpose a couple of strategic letters to make email addresses look more legitimate. They don’t just stick with the “from” field, either; they typically switch around the return path and the “reply to” fields to appear as realistic as possible.
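The header games described above (a brand name buried in a subdomain of an unrelated domain, and “Reply-To” or “Return-Path” pointing somewhere other than the “From” domain) leave traces that a mail filter can check mechanically. The following is an added example, not code from the original article or from KnowBe4: it parses a raw message with Python’s standard `email` library and reports each inconsistency. The trusted domain `example-bank.com` and the sample message are constructed placeholders, and the registrable-domain helper deliberately uses only the last two labels, which is a simplification (a real filter should consult the public suffix list so that domains like `co.uk` are handled correctly).

```python
"""Flag common email-spoofing indicators in message headers (added example)."""
from email import message_from_string
from email.utils import parseaddr

# Assumed brand domain for this example; replace with your own organisation's domain.
TRUSTED_DOMAIN = "example-bank.com"


def registrable_domain(host: str) -> str:
    """Return the last two labels of a hostname.

    Simplification: real code should use the public suffix list so that
    hosts under multi-label suffixes such as 'co.uk' are handled correctly.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def header_domain(msg, name: str):
    """Extract the domain part of an address header, or None if absent/unparsable."""
    value = msg.get(name)
    if not value:
        return None
    _display, addr = parseaddr(value)
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else None


def spoofing_indicators(raw_message: str) -> list:
    """Return a list of human-readable findings; an empty list means no indicator fired."""
    msg = message_from_string(raw_message)
    findings = []

    from_domain = header_domain(msg, "From")
    if not from_domain:
        return ["From header missing or unparsable"]
    from_reg = registrable_domain(from_domain)

    # 1. Reply-To / Return-Path that resolve to a different registrable domain than From.
    for header in ("Reply-To", "Return-Path"):
        other = header_domain(msg, header)
        if other and registrable_domain(other) != from_reg:
            findings.append(f"{header} domain {other} differs from From domain {from_domain}")

    # 2. Brand name used as a subdomain (or substring) of an unrelated registrable domain,
    #    e.g. example-bank.com.customer-service-portal.net
    brand = TRUSTED_DOMAIN.split(".")[0]
    if brand in from_domain and from_reg != TRUSTED_DOMAIN:
        findings.append(f"From domain {from_domain} contains '{brand}' but is not under {TRUSTED_DOMAIN}")

    # 3. Display name claims the brand while the address lives elsewhere.
    display, _addr = parseaddr(msg.get("From"))
    if brand.replace("-", "") in display.lower().replace(" ", "").replace("-", "") and from_reg != TRUSTED_DOMAIN:
        findings.append(f"display name '{display}' claims the brand but address is at {from_domain}")

    return findings


# Constructed sample message (not a real phishing email) exercising all three checks.
SAMPLE_SPOOFED = """From: "Example Bank Customer Service" <alerts@example-bank.com.customer-service-portal.net>
Reply-To: support@mail-relay-xyz.net
Return-Path: <bounce@mail-relay-xyz.net>
To: user@example.org
Subject: Verify your account

Please log in to confirm your details.
"""

# Constructed legitimate message: a genuine subdomain of the trusted domain is fine.
SAMPLE_LEGIT = """From: "Example Bank" <notices@alerts.example-bank.com>
Return-Path: <bounce@example-bank.com>
To: user@example.org
Subject: Your monthly statement

Your statement is ready.
"""

if __name__ == "__main__":
    for finding in spoofing_indicators(SAMPLE_SPOOFED):
        print("SPOOFED:", finding)
    print("LEGIT findings:", spoofing_indicators(SAMPLE_LEGIT))
```

A mismatch between these headers is not proof of fraud (mailing-list software and bulk senders legitimately rewrite Return-Path), so treat each finding as a score contribution rather than a verdict; the combination of a brand-bearing subdomain with an off-domain Reply-To is the pattern worth alerting on.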

What is Website Spoofing?

Like email spoofing, website spoofing is used to make people believe that they are interacting with a trusted, legitimate company or person. Especially sophisticated methods of website spoofing can result in forged sites that appear nearly identical to their legitimate counterparts. If you are in a hurry, it is especially easy to fall prey to these sites. At a glance, they often appear to be real. Whenever you access a site through a link, it is important to be especially skeptical about it. Look closely at the URL. Keep in mind, however, that there are ways to cloak URLs.

Website Spoofing Methods

A wide range of phishing techniques are used to create spoofed websites. As mentioned above, URL cloaking is a popular method. Through the use of specialized scripts, phishers can cover up the true URL with one that is associated with a trusted website. Subdomains are also commonly used to confuse Internet users and to lend them a false sense of security. Internationalized domains are increasingly being used in this way too. As with spoofed email addresses, URLs sometimes contain a few transposed letters. At a glance, they appear to be correct and are trusted by unsuspecting Internet users.
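The three URL tricks named above (the brand as a subdomain of an unrelated domain, internationalized domains that render like the real one, and a pair of transposed letters) can each be tested for before a link is followed, for example in a link-rewriting proxy or a browser extension. The code below is an added example and is not from the original article or from KnowBe4. The trusted domain `example-bank.com` and the sample URLs are constructed placeholders; the registrable-domain helper again takes only the last two labels, a simplification that a production check should replace with the public suffix list.

```python
"""Check a URL's hostname for common website-spoofing indicators (added example)."""
from urllib.parse import urlsplit

# Assumed set of domains the user should actually be visiting; replace with your own.
TRUSTED_DOMAINS = {"example-bank.com"}


def registrable_domain(host: str) -> str:
    """Last two labels of a hostname (simplification; use the public suffix list in production)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def one_transposition_away(a: str, b: str) -> bool:
    """True if a and b are equal except for one pair of adjacent characters swapped."""
    if len(a) != len(b) or a == b:
        return False
    diff = [i for i in range(len(a)) if a[i] != b[i]]
    return (
        len(diff) == 2
        and diff[1] == diff[0] + 1
        and a[diff[0]] == b[diff[1]]
        and a[diff[1]] == b[diff[0]]
    )


def url_findings(url: str) -> list:
    """Return a list of spoofing indicators for the URL's hostname (empty list = none found)."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return ["URL has no hostname"]
    findings = []

    # 1. Internationalized domain: non-ASCII labels, or labels already in punycode form.
    try:
        ascii_host = host.encode("idna").decode("ascii")
    except UnicodeError:
        ascii_host = host
    if ascii_host != host or any(label.startswith("xn--") for label in ascii_host.split(".")):
        findings.append(f"internationalized domain name (punycode form: {ascii_host})")

    reg = registrable_domain(ascii_host)
    if reg in TRUSTED_DOMAINS:
        return findings  # genuinely under a trusted domain; only the IDN note (if any) stands

    for trusted in TRUSTED_DOMAINS:
        brand = trusted.split(".")[0]
        # 2. Brand name appears in the hostname but the registrable domain is something else,
        #    e.g. example-bank.com.secure-login-portal.net
        if brand in ascii_host:
            findings.append(f"'{brand}' appears in {ascii_host} but registrable domain is {reg}")
        # 3. Registrable label is one adjacent-letter swap away from the brand, e.g. exmaple-bank.com
        if one_transposition_away(reg.split(".")[0], brand):
            findings.append(f"{reg} is one letter swap away from {trusted}")
    return findings


# Constructed sample URLs (none of these are real sites).
SAMPLES = [
    "https://www.example-bank.com/login",                       # genuine
    "https://example-bank.com.secure-login-portal.net/login",   # brand as subdomain
    "https://exmaple-bank.com/login",                           # transposed letters
    "https://ex\u0430mple-bank.com/login",                      # Cyrillic 'а' (U+0430) in place of Latin 'a'
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", url_findings(sample) or "no indicators")
```

The IDN check deliberately reports both raw Unicode hostnames and ones already in `xn--` form, because a browser’s address bar may show either depending on its display policy; the transposition check is intentionally narrow (exactly one adjacent swap), and a broader edit-distance comparison would also catch single dropped or doubled letters at the cost of more false positives against unrelated short domains.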

Don’t Become a Victim!

Even if you are a seasoned Internet user, it is easy to fall prey to the sophisticated techniques that are used in website and email spoofing. With the wool pulled over your eyes, you could inadvertently give phishers extremely damaging information. The best way to handle spoofed emails and spoofed websites is by exercising caution at all times. If something seems “off” about an email, do not open attached files or click on included links. Type in a site’s URL manually to avoid landing on a spoofed version of it. By taking your time and being careful, you should be able to avoid most problems.